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DOCUMENT-IDENTIFIER: US 5655007 A 

TITLE: Telephone based credit card protection 

Abstract Text (1) : 

A systiem and method for enhancing the security of use of a transaction device such 
as a transaction card through a telephone system wherein subscribers to the service 
may require voice authentication as a prerequisite to' a conventional transaction 
catd ftiithentication step.. The service is automatically invoked based on a code 
in6erti|bd in the card, or the identity of the calling subscriber, or the identity of 
th^ called authentication bureau. The service may also be invoked in situations 
which do not involve the use of a transaction device but which require the input of 
an identifying password or number when seeking access to limited access data or 
services . 

Brief Summary Text (12): 

Above identified parent application Ser. No. 08/322,133 (680-108) described an 
improved system and method for assuring added security in the use of credit or 
debit cards using a unique methodology adapted to be implemented by largely 
existing facilities in a public switched telephone network having an advanced 
intelligent signaling network and one or more intelligent peripheral platforms. 
According to one version of the system there described, the credit card holder 
subscribes to a security service in return for an incentive such as may be provided 
•by the credit card issuing entity/ such as offering a reduction of interest rate or 
a percentage rebate on purchase's for use of the new system. The credit card holder 
was permitted to subscribe to the new service through his residence telephone to 
set up a Personal Identification Number ( PIN ) and/or a voice print or template to 
control his credit card use. Having subscribed to the service and established such 
a PIN and voice template the card holder could utilize the credit card security 
procedure. Prior to use of the card the card holder accessed the security system by 
telephone, preferably but not necessarily his residence telephone, and effected 
verification by the preestablished PIN or voice template or both. Following such 
verification the card holder established or set at least one- and preferably two or 
more of the following parameters: 

Brief Summary Text (16) : 

4. A temporary PIN which the subscriber desires to have applicable under the 
restrictions set under 1, 2 and 3 above. 

Brief Summary Text (17): 

^* ^ voice verification using the preestablished template. 
Brief Summary Text (18): 

Following the establishment or setting of these parameters the point-of-sale 
authorization or usability of the credit card is then subject to those restrictions 
and will be activated only if all such restrictions are satisfied. The system and 
method can be accomplished using elements which are for the most part found in 
modern public switched telephone networks or at least in those which possess an 
Advanced Intelligent Network ' (AIN) . This includes such features as common channel 
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signaling, such as SS7 or the like, and one or more intelligent peripheral 
platforms. The location of attempted use of the credit card, usually a point-of- 
sale, was identified by the incoming call from the merchant presenting signals in 
the telephone network, such as ICLID, DNIC, or ANI . That system also provides for 
further verification by permitting a sales clerk at the point-of-sale terminal to 
mandatorily or optionally request the temporary PIN and confirmation of identify by 
voice authentication using the prestored voice template. A telephone station is 
normally available at the point-of-sale verification device. 

Brief Summary Text (23) : 

The added security methodology preferably requires voice verification and may also 
require one of more of the added limitations on card usage above described and 
detailed further hereinafter. 

Detailed Description Text (15) : 

In the normal plain old telephone service (POTS) type call processing, the central 
office switching system responds to an off-hook at one of the telephone stations 
and receives dialed digits from the calling station. The central office switching 
system analyzes the received digits to determine if the call is local or not. If 
the called telephone station is local and the call can be completed through the one 
central office, the central office switching system connects the calling station to 
the called station. If, however, the called station is not local, the call must be 
completed through one or more distant central offices, and further processing is 
necessary. If at this point the call were connected serially through the trunks and 
appropriate central offices between the caller and the called party using in 
channel signaling, the trunks would be engaged before a determination is made that 
the called line is available or busy. Particularly if the called line is busy, this 
would unnecessarily tie up limited voice trunk circuit capacity. The CCIS system 
through the STP's was developed to alleviate this problem. 

• Detailed Description Text (19) : 

For ordinary voice grade telephone service calls, there would be no event to 
trigger AIN processing; and the local and toll office switches would function 
normally and process such calls as discussed above, without referring to the SCP 
database for instructions. In a first mode of operation, an SSP type office (CO or 
tandem) which detects a trigger will suspend call processing, compile a TCAP 
formatted call data message and forward that message via a common channel 
interoffice signaling (CCIS) link and STP(s) to the ISCP 40 which includes the SCP 
database 43. The ISCP accesses its stored data tables to translate the received 
message data into a call control message and returns the call control message to 
the office of the network via CCIS link and STP(s). The SSP then uses the call 
control message to complete the particular call through the network. For AIN calls 
requiring a processing feature provided by the peripheral platform, the call 
control message would instruct the SSP to route the call to the associated 
peripheral platform. 

Detailed Description Text (20) : 

The IP 37 performs DTMF digit collection and voice announcement functions on 
telephone calls for a wide variety of telephone services available through the 
network. According to the invention and as discussed in more detail later, the. IP 
provides voice recognition capabilities for such interactions. Advanced 
implementations of the IP will also include various data communications means, 
e.g., for FAX mail services, screen-phone services, etc. 

Detailed Description Text (23) : 

In the preferred embodiment, the connection from the IP to the SSP would utilize a 
primary rate ISDN type trunk line for carrying both voice channels and signaling 
information. However, a number of alternate implementations of this connection can 
be used. For example, ' the connection may take the form of a Tl circuit carrying a 
number of Multiplexed Centrex line channels. If additional data signaling is 
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necessary from the switch to the IP, a Simplified Message Desk Interface (SMDI) 
link can be provided. SMDI is a standard form of maintenance port, available on 
many types of telephone switching systems, through which calling party number 
information can be supplied. For older switching systems not capable of call 
transfer through ISDN signaling or signaling on Tl Centrex lines, an additional 
switch could be added between the IP and the SSP. 

Detailed Description Text (25) : 

FIG. 3 illustrates a first, preferred embodiment of an IP used in the network of 
FIG. 1. In this implementation, the IP may consist of two or more general purpose 
computers IIOIA, IIOIB, such as IBM RS-6000*s. Each general purpose computer will 
include a digital voice processing card for sending and receiving speech and other 
audio frequency signals, such as an IBM D-talk 600. Each voice processing card will 
connect to a voice server card 1103A or 1103B which provides the actual interface 
to Tl or primary rate interface ISDN trunks to the SSP type switching office. The 
plurality of computers may have associated dedicated disk storage 1105A, 1105B, and 
the IP will included a shared disk memory 107. 

Detailed Description Text (27) : 

The IP may also include another general purpose computer 1115 configured as a 
terminal subsystem, for use as a maintenance and operations center (MOC) and 
providing operations personnel access to the IP. The number of processors provided 
in the IP and the number of voice servers will depend on project service demands. 
One additional processor and associated voice server will be provided as a backup 
(not shown) . 

Detailed Description Text (28) : 

Each general purpose computer IIOIA, IIOIB will run a node manager, an IP/ISCP 
Interface program, appropriate voice processing and voice 

recognition/authentication software and a variety of application software modules 
to offer the proposed services of the IP. The central administrator or "Node 
Manager" program module, running on each computer, will monitor and control the 
various IP resources and operations. 

Detailed Description Text (29) : 

The digital voice processing card and associated software will provide speech 
synthesis, speech recognition capabilities and DTMF tone signal reception, for use 
in a number of different applications. The speech synthesis and DTMF tone signal 
reception, for example, may replace the announcement and digit collection functions 
of the SSP switches in various existing AIN services. The general purpose computers 
and associated circuits may also run a variety of other types of service program 
modules, for example, a voice mail server module and/or a fax mail server module. 

Detailed Description Text (30) : 

FIG. 4 illustrates an alternate embodiment of the IP used in the network of FIG. 3. 
The alternate architecture utilizes separate modules for different types of 
services or functions, for example, one or two Direct Talk type voice server 
modules 1203A, 1203B for interfacing the trunk to the SSP, a separate module 1205 
for speech recognition, a server module 1209 for voice mail, and another server 
1207 for fax mail services, a level 1 gateway module 1237 for controlling broadband 
services, a speech authentication module 1237A, etc. The various modules 
communicate with one another via an internal data communication system 1210, which 
again may be an Ethernet type local area network. 

Detailed Description Text (31) : 

The Direct Talk modules 1203A, 1203B provide voice message transmission and dialed 
digit collection capabilities, as in the earlier embodiment. The modules 1203A, 
1203B also provide line interfaces for communications to and from those servers 
which do not incorporate line interfaces. For example, for facsimile mail, the 
Direct Talk module connected to a call would demodulate incoming data and convert 
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the data to a digital format compatible with the internal data communication 
network 1210. The data would then be transferred over network 1210 to the fax 
server 1207. For outgoing facsimile transmission, the server 1207 would transfer 
the data to one of the Direct Talk modules over the network 1210. The Direct Talk 
module would reformat and/or modulate the data as appropriate for transmission over 
the ISDN link to the SSP. The Direct Talk modules provide a similar interface 
function for the other servers, such as the voice mail server 1209. 

Detailed Description Text (33) : 

In each of the proposed architectures, the SSP switch would route voice grade 
telephone calls to the different elements of the IP in response to instructions 
from the ISCP. In the initial implementation using general purpose computers (FIG. 
3) , each of which offers all service functionalities, the decision to route to a 
particular one of the computers would be a resource availability/allocation 
decision. If necessary, data can be exchanged between the computers via the 
internal data communications network, e.g., if a message for a particular 
subscriber's service is stored in the disk memory associated with one computer but 
the other computer is actually processing the call. In the second implementation 
(FIG. 4), however, the ISCP would instruct the SSP to route the call to the 
particular line to the specific module capable of providing a calling customer's 
individual service. For example, if the subscriber has some form of speech 
recognition service, the call would be routed to the speech recognition module 
1205. For voice authentication, via a preestablished voice template, the call would 
be routed to module 1237A. If the subscriber has a voice mail service, the ISCP 
would instruct the SSP to route the call to one of the lines going to one of the 
voice server modules 1203A, 1203B, The module 1203A, or 1203B would receive 
outgoing voice messages from the voice mail server 1209 for transmission to the 
caller. The module 1203A or 1203B would decode DTMF signals and supply appropriate 
data to the voice mail server for control purposes. The module 1203A or 1203B would 
also format incoming voice messages for transmission over internal network 1210 and 
storage by server 1209. This query message is in the above described TCAP format 
for an initial query from an SSP. 

Detailed Description Text (36) : 

If the service identified in response to the information in the original TCAP query 
message requires one or more call processing functions of the IP, the ISCP 
transmits a "SEND TO RESOURCES" type TCAP message or a similar message from the 
+1129 protocol back to the SSP via the STP's of the SS7 signaling network. This 
message would include sufficient information to route the call to one of the lines 
going to a voice server interface 1103A or 1103B within the IP. If the IP connects 
directly to the SSP, the SSP simply activates appropriate internal switching 
elements to establish the call connection channel between the caller and the IP. If 
the IP does not connect to the particular SSP, the instruction will provide 
sufficient information to route the call through another switching system to the 
IP. As previously stated and as shown in FIGS. 1 and 5, the ISP is also directly 
connected by a second communication data link to the IP. 

Detailed Description Text (37) : 

When the IP receives the call, the SSP may provide the IP with a substantial amount 
of information about the particular call, including the dialed digits and the 
calling party's telephone number. In response to the call, the IP may formulate a 
query message containing this information. The IP may transmit this query message 
to the ISCP via the second signaling communication network. The ISCP will utilize 
the information from the IP query message to access the stored data tables in the 
SCP database 43, formulate an appropriate instruction, and transmit that 
instruction back to the IP via the second signaling communication network. For 
example, in a call blocking type service or in the service of the present invention 
requiring a caller to input a PIN number in order to reach a called subscriber or 
effect credit card authorization, .the instruction might identify a prompting 
message and specify a number of digits to be collected. The IP would receive the 
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message and perform the call processing function specified in the instruction. In 
the present voice authentication embodiment of the invention, the instruction would 
direct the IP to select the template corresponding to the calling user, have the 
user speak the word represented by the template, make the comparison, and signal a 
match or no-match. In the case of a match, the IP would be instructed to complete 
the transaction and store the pertinent record data. 

Detailed Description Text (39) : 

In a call blocking example, the IP function would involve retrieval of the 
identified message from memory and provision of that message to the digital voice 
card. The digital voice card would synthesize appropriate speech signals for 
transmission through the voice server card 1103A or 1103B and the voice network to 
the caller. This voice message might say "Jane Smith does not wish to be disturbed 
at this time. If you wish to leave a message please stay on the line." Callers 
fartiiliar with Ms. Smith would know that this blocking feature could be overridden 
by input of a personal identification number ( PIN ) which Ms. Smith had given them. 
The IP would wait a specified time period and would collect any dialed digits 
received during from the caller during that period. The IP would then formulate a 
query or other format message including any dialed digits received or information 
indicating a lack of receipt of digits and transmit that data message back up to 
the ISCP through the second signaling communication system. 

Detailed Description Text (40) : 

The ISCP 40 will utilize the information from the latest IP query message to again 
access the stored data tables in the SCP database 43, formulate an appropriate 
instruction for further processing ' and transmit that instruction back to the IP via 
the second signaling communication network. Continuing with the call blocking 
example, the ISCP would identify whether or not a correct PIN was dialed in by the 
caller. If not, the next message to the IP would instruct the IP to execute a voice 
mail box script for the called subscriber. The IP would play an outgoing message 
and record an incoming message to the caller. After completion of the mailbox 
script, IP processing would be complete and the IP would disconnect the call and 
processing would end. 

Detailed Description Text (41) : 

Not all processing of AIN telephone calls by the IP ends in a simple disconnect. 
Other alternative call dispositions are possible. The most common, such as used in 
the present invention, is that after all other processing the IP will instruct the 
SSP to transfer the call to a specified destination, which may be the credit card 
authentication facility of a credit card issuer or financial institution. In such a 
case, the message transmitted from the ISCP to the IP would specify an actual 
destination number. In the call blocking example, if the ISCP determined that the 
caller had dialed in a valid PIN, the ISCP would transmit the telephone number for 
Jane Smith's current location. The IP will request call transfer by the SSP and 
supply the destination number to the SSP. For example, if the link to the SSP uses 
ISDN, the IP would transmit a transfer request and the destination digits over the 
D-channel. As an alternate example, if the link is Tl carrying multiplexed Centrex 
lines, the IP would simulate a hook-flash on the line or channel carrying the call 
and then outpulse the digits of the destination number. In response to the transfer 
request, the SSP routes the call to the destination and tears down the prior call 
connection between the caller and the IP. 

Detailed Description Text (45) : 

The subscriber may access the service for programming purposes by dialing a number 
which may be a virtual number in the telephone system, such as an 800 number. This 
accesses a voice response menu system using hardware which may be provided at the 
switch, at the ISCP, or in an intelligent peripheral or other network device. For 
security purposes a user ID and password system or a PIN may be used. 

Detailed Description Text (46) : 
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The subscriber may access the system through his own residence telephone, or by 
remote access from another telephone. Preferably, the telephone is a DTMF or 
Touchtone Telephone . TM. . If the subscriber uses his own telephone the subscriber's 
identify is determinable from the ANI, ICLID, or DNIC signal. If the subscriber 
uses a remote phone other than his residence telephone the identity of the caller 
will be ascertained in a dialogue with a voice prompt system and the directory 
number of the credit security service subscriber which is keyed in response to a 
request in the dialogue. Alternatively, voice recognition may be used in place of 
DTMF signaling. 

Detailed Description Text (47) : 

Once the user has logged into the system by entering the correct number and 
password, ID or PIN, the subscriber may select from a menu of parameters offering 
options for programming the service. From the menu, the subscriber may elect to 
activate the identified card or cards for a selected period of time. This may be in 
the form of a time duration commencing immediately, such as three hours from the 
present time, or a time period with designated commencement and termination times, 
such as from 9 a.m. of a stated date to 1 p.m. of the same date. Following this 
input the voice messaging unit will play back to the customer the requested time 
and any errors of entry may be corrected in known fashion as will be understood. 

Detailed Description Text (48) : 

Assuming that an activation time is established, the customer may next be asked if 
he wants to specify an area for authorized usage, such as a zip code area, an 
access area, city or county boundary area, etc. Again, the voice messaging unit 
will play back the entry for confirmation by the customer. 

Detailed Description Text (49) : 

The customer next may be asked if he wants to place a dollar limit on the 
authorization and, if so, in what amount. This will be keyed or spoken in by the 
customer and confirmed by the voice messaging. 

Detained Description Text (50) : 

The foregoing will constitute the most frequently used parameters. However, 
additional safeguards will be available. For example, the voice message can then 
inquire as to whether the customer desires to mandatorily or optionally require the 
card user to supply upon request a temporary ID or PIN number. If so, this will be 
entered by the subscriber in response to a voice message and confirmed. As a 
further mandatory or optional safeguard, the subscriber may be offered the option 
of establishing a temporary voice recognition authentication password to be spoken 
by the card user during the card activation session being programmed. If this is 
selected, the user will be requested to speak such password or number and the 
affirmative response of the subscriber to the inquiry as to whether such a password 
should be established will trigger the creation of a voice authentication template 
at the intelligent peripheral IP in a known manner, such as, for example, as 
described in Applicant's copending patent application Ser. No. 08/322,133, filed 
Oct. 13, 1994, attorney Docket No. 680-107, now U.S. Pat. No. 5,513,250. 

Detailed Description Text (54) : 

The traditional approach to credit card authorization transactions is to provide a 
service establishment, such as a store, with a special authorization terminal 
equipped with an internal asynchronous modem which is connected to a local 
telephone line. When a credit card is moved through a slot on the terminal past a 
magnetic stripe reader, information is collected from the magnetic stripe on the 
card. The terminal then goes off hook on the telephone line and dials a number 
previously programmed into the terminal. Equipment, including a modem, at the 
called site answers the call. After the call is answered, data communication is 
established. The data transmission for dial-up credit card authorizations is most 
often governed by the Visa protocol. Information from the magnetic stripe, 
information previously programmed into the terminal, and information keyed into the 
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terminal by the merchant about the specific sale are transmitted up-line to a host 
computer where the request is processed and an authorization code or other 
information (e.g., a request to call for voice authorization) is transmitted back 
to the point-of-sale terminal. Upon receiving the response, the terminal goes on- 
hook and the call is terminated. Many terminals can be programmed to dial different 
numbers based upon the information contained in the magnetic stripe on the card 
being processed. 

Detailed Description Text (58) : 

The IP is connected to the SSP central office 210 via a voice connection 247 and a 
data connection 249. It will be understood that through the use of ISDN or a Tl 
link this may constitute a single link as previously described. The IP is also 
connected to the ISCP via a data link 251 which is distinct from the preexisting 
SS7 network and which may or may not use SS7 protocol, also as previously 
described. Alternatively, the ISCP may communicate with the IP through the existing 
SS7 network and the link between the SSP central office 210 and IP 245. 

Detailed Description Text (60): 

By way of example, a subscriber to the new service may establish a service profile 
by calling the new service facility associated with the central office 210 which 
may be the SOP 43 shown in FIG. 1. The caller requests a subscription to the 
transaction security service. Thereupon there ensues a dialogue between the caller 
and a live operator or a Voice Processing Unit (VPU) which may be located at the IP 
as described in connection with FIGS. 3 and 4. In that dialogue the identity of the 
directory number and subscriber is automatically available to the service facility 
via ANI, ICLID, or DNIC. The dialogue entails the calling party identifying one or 
more transaction devices or cards, by name, number, and expiration date. This 
information is stored in a database at the IP and in the database 43 at the ISCP 
via suitable signaling between the IP and ISCP. The caller is then requested to 
establish a series of parameters which may include a PIN, and voice print or 
template. 

Detailed Description Text (61) : 

When the transaction device or credit card holder intends to use the transaction 
device or card, he may access the security system and be verified by the PIN or 
voice template thus established. Thereupon, the card holder may set a series of 
parameters which he desires as a necessary prerequisite to activation of the card 
or transaction device. These parameters may include, a set period of time, such as, 
for the next three hours, or for example, from 9 a.m. to 1 p.m. on a specified 
date; a limit on the credit card total purchasing power during that time, such as, 
for example, $250.00; a geographic location for the use of the credit card, such 
as, a city, country, zip code area, or NXX area; and, a temporary PIN that would be 
applicable under the foregoing restrictions in order to complete activation. Voice 
authentication may also be established as an additional parameter as previously 
described. 

Detailed Description Text (62): 

Following initial establishment of this service profile, the card holder may 
thereafter arrange for activation of the card for use by calling a directory number 
provided to the caller in the establishment of the subscription and service 
profile, verifying the identity of the caller by the pre-established PIN and/or 
voice authentication template. After successful completion of such verification the 
caller may activate the identified card by establishing the desired set period of 
time, limit on purchasing power, location of use, and temporary PIN for use subject 
to the satisfactory establishment of the foregoing parameters. 

Detailed Description Text (65) : 

Following an affirmative response to the monetary comparison, the processor at the 
IP next compares the geographic location of the calling station, i.e. the 
transaction device 242, as determined by ANI, ICLID, or DNIC, with the area 
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designated by the subscriber. Following an affirmative response the VPU at the IP 
requests and obtains from the person attempting to use the credit device a 
vocalization of the temporary ID or PIN established by the user for the time frame. 
Following an affirmative comparison the VPU at the IP may request the user to 
repeat the word used to create the voice identification template stored at the IP. 
It will be understood that not all of the steps need be required in every instance 
and that the voice steps in particular may be permitted to be at the option of the 
merchant seeking authentication. The merchant may request such additional 
authentication steps either through a voice line and telephone station at the 
transaction authentication device or card reader, or the depression of a 
predetermined DTMF key or keys, by way of example. 

Detailed Description Text (71) : 

The operation of this embodiment of the invention is now described in relation to 
the simplified diagram shown in FIG. 6. At 310 there is indicated a caller station 
which may be a card reader as shown at 242 in FIG. 5, or may be a telephone in the 
case of a person seeking access to PBX DISA. The caller at station 310 is connected 
to an SSP at 312 via a voice link 314. If the caller constitutes a transaction 
device such as a card reader, the security measures may be initiated either in 
response to a code detected from the card by the reader or, in the alternative, by 
the identity of the calling station as may be established from the ANI, ICLID, 
directory number, NNX or the like. As a further alternative the triggering may be 
based on the identity of the called number or by the combined identity of the 
calling and called numbers . 

Detailed Description Text (73) : 

Following the appropriate recognition of the call by the ISCP the ISCP initiates a 
response data message to a verifier 324 to conduct a voice verification. At the 
same time the ISCP directs the SSP to suspend the originally dialed call to the 
destination 326 and directs connection of the caller at 310 to the verifier 324. 
The verifier 324 may be a voice recognition module or platform in an IP, such as 
the IP*s shown and described in connection with FIGS. 3 and 4. The voice 
recognition platform selects the voice template created by the person to whom the 
credit card issued or by the person qualified or accredited to use PBX DISA. 

Detailed Description Text (74) : 

The voice recognition template for each user must be established prior to usage of 
the service and this may be accomplished in a manner appropriate to the particular 
subscriber. Thus in the instance where a credit or transaction card is issued to 
the subscriber the establishment of a voice recognition template may be required as 
a condition of issuance of the card. Alternatively the template may be required 
only if the recipient of the card desires to qualify the card for use at specified 
establishments. That is, if the credit card issuer does not require use of the 
voice verification as a condition of use of the card the issuer may nevertheless 
inform the recipient that the card may not be usable for certain designated 
transactions. With respect to such transactions the card will be recognized and 
accepted only if the recipient establishes a voice recognition template and 
satisfies the voice recognition requirements in using the card for those 
transactions. Creation of the template may be carried out as above described in 
connection with the earlier described embodiments of the invention requiring voice 
recognition. 

Detailed Description Text (75) : 

In the situations where a credit card or transaction device is not involved, such 
as PBX DISA, the person seeking issuance of a password or number to access the 
involved service may be required to establish a voice recognition template before 
the service or access can be actuated. 

Detailed Description Text (76) : 

Following establishment of the voice connection between the verifier 324 and caller 
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310 the steps of voice verification are performed as previously described. If the 
verification requirement is satisfied as determined in the verifier or IP, either 
the IP dispatches a message to the ISCP to that effect or the IP dispatches a 
message direct to the SSP 312 directing establishment of the connection of the 
caller 310 to the destination 326. In the case where the destination 326 
constitutes a credit card validation bureau, such as at 258 in FIG. 5, the normal 
credit card validation then proceeds following the precedent added security of the 
voice verification through the central verification service. Where the caller seeks 
a service such as PBX DISA which does not involve a credit or transaction card, the 
destination may constitute the PBX. The conventional verification of PBX DISA 
access then will be performed following the added security steps of voice 
authentication . 

Detailed Description Text (77) : 

It will be obvious that the voice verification security step requires some facility 
for the user to speak the predetermined word or words for communication to the 
verification module. In most instances of credit cards at point of sale 
transactions, a telephone station already exists and is frequently used for 
vocalized communication between the validation bureau and the point of sale. Where 
such a telephone station exists it may serve as the terminal for input of the voice 
to be validated as authentic. In other instances, such as ATM machines and gas 
pumps, a telephone station is not now normally available. According to the 
invention such transaction points are provided with telephone or telephone type 
terminals connected to voice circuits to a central office switch. Alternative to 
handset type telephones a speaker and microphone or a combination 
speaker/microphone are provided. 

Detailed Description Text (78) : 

It will be apparent from the foregoing that the centralized verification center 
provided by the present invention provides numerous advantages. The centralized 
center makes it possible for users to establish voice authentication templates a 
single time for use in and with varied transactional activities. A wide variety of 
businesses are provided with a fully operational virtually instantly available 
security system. Duplication of such systems may be eliminated or at least 
minimized. There is no necessity for each business desiring the added security 
measure to investigate competing equipment or systems or to make a substantial 
capital investment. 

CLAIMS : 

1. In a telephone system comprising: 
telephone stations; 

spaced central office switching systems interconnected via trunk circuits for 
selectively providing switched telephone call communications between at least two 
of said telephone stations; 

a service control point, separate from said central office switching systems, 
comprising a database storing call processing data associated with a plurality of 
said telephone stations for control of call processing through one or more of said 
central office switching systems; 

a peripheral platform connected to at least one of said central office switching 
systems via a telephone call connection channel, the peripheral platform comprising 
means for providing at least one auxiliary telephone call processing capability via 
the telephone call connection channel and including a database of personal speech 
identification templates; 

a signaling communication system separate from said trunk circuits for two-way 
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communications of data messages between said central office switching systems, 
between said central office switching systems and said service control point, and 
between said peripheral platform and said services control point; 

a transaction authentication platform; 

a method comprising the steps of: 

(a) initiating a call by dialing a virtual number at one of said telephone stations 
which results in sending control signals from one of said switching systems to said 
service control point, said control signals representing an inquiry regarding the 
call and including data identifying a transaction device and including data 
identifying action to be taken with respect to said transaction device; 

(b) said service control point identifying a service corresponding to said virtual 
number and accessing in its database data identifying transaction devices of 
subscribers to said service; 

(c) on identifying one of said transaction devices in said data identifying 
transaction devices in said database, sending control signals to said peripheral 
platform for providing said service, said control signals identifying said one of 
said transaction devices; 

(d) said peripheral platform using the identity of said one of said transaction 
devices to access a personal speech identification template corresponding to the 
identity of said one of said transaction devices; 

(e) connecting said dialing telephone station to said peripheral platform for voice 
communication; 

(f) inputting to said connected telephone station a voice utterance of a word 
corresponding to a word used to create said template; 

(g) receiving at said peripheral platform a signal resulting from the inputting of 
said utterance; 

(h) comparing said received signal with said template to establish a match; 

(i) if a match is not established for said utterance terminating the connection to 
said connected station; 

(j) if a match is established sending to said one of said switching systems control 
signals directing further connection of said connected telephone station to said 
transaction authentication platform. 

13. In a telephone system comprising: 

telephone stations; 

spaced central office switching systems interconnected via trunk circuits for 
selectively providing switched telephone call communications between at least two 
of said telephone stations; 

a service control point, separate from said central office switching systems, 
comprising a database storing call processing data associated with at least certain 
of said telephone stations for control of call processing through one or more of 
said central office switching systems; 

a peripheral platform connected to at least one of said central office switching 
systems via a telephone call connection channel, said peripheral platform 
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comprising means for providing at least one auxiliary telephone call processing 
capability via the telephone call connection channel and including a database of 
personal speech identification templates; 

a signaling communication system separate from the trunk circuits for two-way 
communication of data messages between said central office switching systems, 
between said central office switching systems and said service control point, and 
between said peripheral platform and said services control point; 

a transaction authentication platform; 

a method comprising the steps of: 

(a) initiating a call by dialing a virtual number at one of said telephone stations 
which results in sending control signals from one of said switching systems to said 
service control point representing an inquiry regarding the call and including data 
identifying a transaction device and including data identifying action to be taken 
with respect to said transaction device, said last named data being associated with 
at least one of the calling or called numbers; 

(b) said service control point determining from its database a service 
corresponding to said at least one of said numbers; 

(c) on identifying said action sending control signals to said peripheral platform 
for providing said determined service, said control signals identifying said 
transaction device; 

(d) said peripheral platform using the identity of the transaction device 
determined by said control signals in step (c) to access a personal speech 
identification template corresponding to the identity of said transaction device; 

(e) connecting said dialing telephone station to said peripheral platform for voice 
communication; 

(f) inputting to said connected station a voice utterance of a word corresponding 
to a word used to create said template; 

(g) receiving at said peripheral platform a signal resulting from the inputting of 
said utterance; 

(h) comparing said received signal with said template to establish a match; 

(i) if a match is not established for said utterance terminating the connection to 
said connected station; 

(j) if a match is established sending to the switching system to which said 
telephone station is connected control signals directing further connection of said 
connected telephone station to said transaction authentication platform. 

24. In a telephone system comprising: 

telephone stations; 

spaced central office switching systems interconnected via trunk circuits for 
selectively providing switched telephone call communications between at least two 
of said telephone stations and including connections between said telephone 
stations and end central offices associated therewith; 

a service control point, separate from said central office switching systems, 
comprising a database storing call processing data associated with a plurality of 



http://westbrs:9000^in/gate.exe?f^doc&state=tnp7rqJJ&ESNAME=KWIC&p_M 12/30/03 



said telephone stations for control of call processing through one or more of said 
central office switching systems; 

a peripheral platform connected to at least one of said central office switching 
systems via a telephone call connection channel, said peripheral platform 
comprising means for providing at least one auxiliary telephone call processing 
capability via said telephone call connection channel and including a database of 
personal speech identification templates; 

a signaling communication system separate from said trunk circuits for two-way 
communication of data messages between said central office switching systems, 
between said central office switching systems and said service control point, and 
between said peripheral platform and said services control point; 

a transaction authentication platform; 

a transaction device reader at the site of at least one of said telephone stations 
associated with one of said switching systems; 

a method comprising the steps of: 

(a) initiating a call by reading a transaction device at the site of said telephone 
station at which said transaction device is located to generate a signal causing 
dialing of a virtual number which results in sending control signals from the 
switching system with which the telephone station at which said transaction device 
is located is associated to said service control point representing an inquiry 
regarding the call and including data identifying said transaction device and 
including data identifying action to be taken with respect to said transaction 
device, said last named data being associated with at least one of the calling or 
called numbers; 

(b) said service control point determining from its database a service 
corresponding to said at least one of said numbers; 

(c) on identifying said action sending control signals to said peripheral platform 
for providing said determined service, said control signals identifying said 
transaction device; 

(d) said peripheral platform responding to said control signals by accessing a 
personal speech identification template which is identified by said control 
signals; 

(e) connecting said dialing telephone station to said peripheral platform for voice 
communication; 

(f) inputting to said connected telephone station a voice utterance of a word 
corresponding to a word used to create said template; 

(g) receiving at said peripheral platform a signal resulting from the inputting of 
said utterance; 

(h) comparing said received signal with said template to establish a match; 

(i) if a match is not established for said utterance terminating the connection to 
said connected station; 

(j) if a match is established sending to said switching system from which said call 
was originated control signals directing further connection of said connected 
telephone station and transaction device reader to said transaction authentication 
platform; 
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(k) reading said transaction device with said transaction device reader; 

(1) sending a data signal to said transaction authentication platform 
representative of the information contained in said data signal; 

(m) following authentication of said transaction device sending a data signal to 
said transaction device reader authorizing said transaction. 

26. In a telephone system comprising: 

telephone stations; 

spaced central office switching systems interconnected via trunk circuits for 
selectively providing switched telephone call communications between at least two 
of said telephone stations; 

a service control point, separate from said central office switching systems, 
comprising a database storing call processing data associated with a plurality of 
said telephone stations for control of call processing through one or more of said 
central office switching systems; 

a peripheral platform connected to at least one of said central office switching 
systems via a telephone call connection channel, said peripheral platform 
comprising means for providing at least one auxiliary telephone call processing 
capability via the telephone call connection channel and including a database of 
personal speech identification templates; 

a signaling communication system separate from said trunk circuits for two-way 
communications of data messages between said central office switching systems, 
between said central office switching systems and said service control point, and 
between said peripheral platform and said services control point; 

a method comprising the steps of: 

(a) initiating a call by dialing a number at one of said telephone stations which 
results in sending control signals from one of said switching systems to said 
service control point representing an inquiry regarding the call and including data 
identifying a procedure being requested; 

(b) said service control point determining the procedure being requested and the 
entitlement of the telephone station which initiated said call to said procedure as 
indicated by data transmitted to said service control point; 

(c) on establishing said entitlement sending control signals to said peripheral 
platform, said control signals identifying the source of the request on the basis 
of identification signals inputted at said telephone station at which said call was 
initiated; 

(d) said peripheral platform using said control signals identifying the source of 
said request to access a personal speech identification template corresponding to 
said identity of said source of said request indicated by said identification 
signals; 

(e) connecting said dialing telephone station to said peripheral platform for voice 
communication; 

(f) inputting to said connected station a voice utterance of a word corresponding 
to a word used to create said template; 
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(g) receiving at said peripheral platform a signal resulting from the inputting of 
said utterance; 

(h) comparing said received signal with said template to establish a match; 

(i) if a match is not established for said utterance terminating said connection to 
said connected station; 

(j) if a match is established sending to said switching system to which said 
telephone station is connected control signals directing further connection of said 
connected telephone station to access the requested procedure. 

27. A telephone system comprising: 

telephone stations; 

spaced central office switching systems interconnected via trunk circuits for 
selectively providing switched telephone call communications between at least two 
of said telephone stations and including connections between said telephone 
stations and end central offices associated therewith; 

a service control point, separate from said central office switching systems, 
comprising a database storing call processing data associated with a plurality of 
said telephone stations for control of call processing through one or more of said 
central office switching systems; 

a peripheral platform connected to at least one of said central office switching 
systems via a telephone call connection channel, said peripheral platform 
comprising means for providing at least one auxiliary telephone call processing 
capability via said telephone call connection channel and including a database of 
personal speech identification templates; 

a signaling communication system separate from said trunk circuits for two-way 
communications of data messages between said central office switching systems, 
between said central office switching systems and said service control point, and 
between said peripheral platform and said services control point; 

a transaction authentication platform; 

a voice processing unit; 

a transaction device reader at the site of at least one of said telephone stations 
and connected to the connection of said telephone station to its end office switch, 
said transaction device reader on reading a transaction device initiating the 
dialing of a virtual number associated with that transaction device reader; 

said switching systems comprising program controlled switches programmed so that 
said dialing of said virtual number results in sending control signals from the 
switching system to which said end office switch is connected to said service 
control point, said control signal representing an inquiry regarding the dialing of 
said vertical number and including data identifying the transaction device read by 
said transaction device reader; 

said service control point responsive to receiving said control signal determining 
the service corresponding to said virtual number and sending control signals to 
said peripheral platform, said signals including identification of said transaction 
device; 

said peripheral platform responding to said control signals including 
identification of said transaction device by accessing the speech identification 
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template corresponding to the identity of said transaction device as indicated by 
said control signals; 

said peripheral platform following accessing said template causing the initiation 
from said voice processing unit of a request to utter the speech corresponding to 
the speech represented by said template; 

said peripheral platform on receiving signals representative of a responsive 
utterance into the telephone station at the site of said transaction device reader 
comparing said signals to said template to attempt to establish a match; 

said peripheral platform on establishing a match originating data signals to cause 
said telephone station at the site of said transaction device reader and said 
transaction device reader to be connected to said transaction authentication 
platform. 

28. A telephone system comprising: 
telephone stations; 

central office switching systems interconnected via trunk circuits for selectively 
providing switched telephone call communications between at least two of said 
telephone stations and including connections between said telephone stations and 
end central offices associated therewith; 

a service control point, separate from said central office switching systems, 
comprising a database storing call processing data associated with a plurality of 
said telephone stations for control of call processing through one or more of said 
central office switching systems; 

a peripheral platform connected to at least one of said central office switching 
systems via a telephone call connection channel, said peripheral platform 
comprising means for providing at least one auxiliary telephone call processing 
capability via the telephone call connection channel and including a database of 
personal speech identification templates; 

a signaling communication system separate from said trunk circuits for two-way 
communications of data messages between said central office switching systems, 
between said central office switching systems and said service control point, and 
between said peripheral platform and said services control point; 

a transaction authentication platform; 

a voice processing unit; 

a transaction device reader at the site of at least one of said telephone stations 
and connected to the connection of said telephone station to its end office switch, 
said transaction device reader on reading a transaction device initiating the 
dialing of a virtual number associated with that transaction device reader; 

said switching systems comprising program controlled switches programmed so that 
dialing said virtual number at a predetermined one of said telephone stations 
results in sending control signals from said switching system to which said 
predetermined telephone station is connected to said service control point, said 
control signal representing an inquiry regarding said dialing and including data 
identifying the calling telephone station and the transaction device read by said 
transaction device reader; 

said service control point responsive to receiving said control signals determining 
the service corresponding to said virtual number and identity of said predetermined 
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telephone station and sending control signals to said peripheral platform, said 
signals including identification of said transaction device; 

said peripheral platform responding to said control signals to identify said 
transaction device to access the speech identification template corresponding to 
said transaction device identified by said control signals; 

said peripheral platform following accessing said template causing the initiation 
from said voice processing unit of a request to utter the speech corresponding to 
the speech represented by said template; 

said peripheral platform on receiving signals representative of the responsive 
utterance comparing said signals to said template to attempt to establish a match; 

said peripheral platform on establishing a match originating data signals to cause 
said predetermined telephone station and transaction device reader to be connected 
to said transaction authentication platform. 
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